autoriser les personnes autres que les tech à valider les RDF

mondumas/models/default.py

@@ -19,6 +19,13 @@ def execute_query(request, query, params):
     mark_changed(request.dbsession)
     transaction.commit()
 
+def get_userAccess(request, logged_in):
+    member = get_member_by_id(request, logged_in)
+    if member:
+        return member.access 
+    else:
+        return 0 
+    
 def get_codespostaux(request, code):
     query = "SELECT * FROM p_codespostaux WHERE code_postal like :code;"
     results = request.dbsession.execute(query, {'code': code + "%"})

mondumas/templates/agenda/agenda.pt

@@ -8,7 +8,7 @@
 		<form method="POST" id="frm" class="form-horizontal">
 			<div class="form-group">
 				<div class="col-xs-4">
-					<select class="form-control" id="agenda" name="agenda" onChange="$('#frm').submit()" tal:condition="isCommercial==False">
+					<select class="form-control" id="agenda" name="agenda" onChange="$('#frm').submit()" tal:condition="access > 0">
 						<div tal:repeat="item agendas">
 							<option value="${item.CD_UTI}" tal:attributes="selected agenda==item.CD_UTI and 'selected' or None">${item.NOM}</option>
 						</div>

mondumas/templates/dossier/rdf_view.pt

@@ -358,9 +358,9 @@
                         <span class="glyphicon glyphicon-pencil"></span> Modifier</a>
                     <button class="btn btn-danger" type="submit" name="form.delete" tal:condition="not rapport.signature_svg and date_relu==''">
                         <span class="glyphicon glyphicon-remove"></span> Supprimer</button>
-                    <button class="btn btn-success" type="submit" name="form.validate" tal:condition="(logged_in=='JMP' or logged_in=='CAO') and date_relu==''">
+                    <button class="btn btn-success" type="submit" name="form.validate" tal:condition="access > 0 and date_relu==''">
                         <span class="glyphicon glyphicon-ok"></span> Valider</button>
-                    <div tal:condition="(logged_in=='MD' or logged_in=='CAO') and date_relu!=''">
+                    <div tal:condition="access > 0 and date_relu!=''">
                         <br />
                         <a class="btn btn-default" href="/rdf_rapport/${rapport.no_id}">
                             <span class="glyphicon glyphicon-file"></span> Aperçu PDF</a>

mondumas/views/agenda.py

@@ -108,12 +108,8 @@ def agenda(request):
     # liste des users avec agenda
     agendas = get_users_agenda(request, '')
     
-    # le user est-il un commercial ?
     member = get_member_by_id(request, logged_in)
-    if member.access == 0:
-        isCommercial = True 
-    else:
-        isCommercial = False 
+    access = member.access 
     agenda = member.agenda
     
     # prendre en compte les paramètres de saisie
@@ -169,7 +165,7 @@ def agenda(request):
         'calendar_events': json.dumps(events),
         'agendas': agendas,
         'agenda': agenda,
-        'isCommercial': isCommercial,
+        'access': access,
         'types_rdv': types_rdv,
         'type_rdv': type_rdv,
         'message': message,

mondumas/views/dossier.py

@@ -543,6 +543,8 @@ def rdf_list(request):
 @view_config(route_name='rdf_view', renderer='../templates/dossier/rdf_view.pt', permission='view')
 def rdf_view(request):
     logged_in = request.authenticated_userid.upper()
+    # lire code accès du user
+    access = get_userAccess(request, logged_in) 
     norapport = request.matchdict['no_id']
     url = request.route_url('rdf_view', no_id=norapport)
     
@@ -610,7 +612,7 @@ def rdf_view(request):
         'page_title': "Rapport no %s du %s" % (norapport, rapport.date_inter.strftime('%d-%m-%Y')),
         'url': url,
         'pt_name': 'rdf_view',
-        'logged_in': logged_in,
+        'access': access,
         'rapport': rapport,
         'nodossier': nodossier,
         'nochantier': rapport.nochantier,